1 / 25

The Dual Receiver Cryptosystem and its Applications

The Dual Receiver Cryptosystem and its Applications. Presented by Brijesh Shetty. Overview. Dual Receiver Cryptosystem – Concept Interesting Applications Combined Cryptosystem Useful Puzzle Solving. Dual Receiver Cryptosystem. Encryption Scheme

ronda
Download Presentation

The Dual Receiver Cryptosystem and its Applications

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. The Dual Receiver Cryptosystem and its Applications Presented by Brijesh Shetty

  2. Overview • Dual Receiver Cryptosystem – Concept • Interesting Applications • Combined Cryptosystem • Useful Puzzle Solving

  3. Dual Receiver Cryptosystem • Encryption Scheme • Ciphertext can be decrypted by two independent receivers! • Bilinear Diffie Hellman Assumption (based on elliptic curves)

  4. Elliptic Curve based Discrete Log problem • Given Y = k . P and Y,P (i.e P added to itself k times) Find k ???? • (P,P)--- g (Y,P)--- h • By definition of Bilinear Curve, we get h = gk [since (aP,bQ)=(P,Q)ab] (Y,P)=(kP,P)=(P,P)k=gk

  5. “ Key Escrow ” (in the context of Dual receiver) • An arrangement where keys needed to decrypt encrypted data must be held in escrow by a third party. • Eg. Govt. agencies can use it to decrypt messages which they suspect to be relevant to national security.

  6. Dual Receiver Cryptosystem A Ciphertext C Decrypts to m B Message m Encrypt using public keys of B and C C can also decrypt! C does not learn about the private keys of B or A !! C

  7. Dual Receiver Cryptosystem- The Scheme • Some Definitions • (Semantically secure) Dual Receiver Cryptosystem scheme

  8. Definitions (Randomised algorithms) • Key Generation algorithm K(k) = (e,d) & (f,g) • Encryption algorithm E e,f (m) = c

  9. Definitions (contd..) • Decryption Algorithm D Dd,f (c) = m • Recovery Algorithm R Re,g (c) = m

  10. Dual Receiver Cryptosystem- The Scheme • Some Definitions • (Semantically secure) Dual Receiver Cryptosystem scheme

  11. Semantically secure Dual Receiver Cryptosystem A (x, xP) (u1,u2,u3) Message m Random r B private (y, yP) C Hxis a hash fn associated with public key xP

  12. Semantically secure Dual Receiver Cryptosystem A B (x, xP) Message m Random r u1 = rP u2 = yP u3 = m+Hx(<xP,yP>r) (y, yP) C

  13. Decryption <u1,u2>x = <rP,yP>x = <xP,yP>r =<P,P>xyr B U3 + Hx(<xP,yP>r) =m

  14. Recovery (Second Receiver) <u1,xP>y = <rP,xP>y = <xP,yP>r = <P,P>xyr C U3 + Hx(<xP,yP>r) =m

  15. Dual Receiver Cryptosystem- The Scheme • Some Definitions • (Semantically secure) Dual Receiver Cryptosystem scheme

  16. Overview • Dual Receiver Cryptosystem – Concept • Interesting Applications • Combined Cryptosystem • Useful Puzzle Solving

  17. Combined Cryptosystem • We combine using a single key x • Dual Receiver Encryption • Signature

  18. Signature (in Combined scheme) • Same key x . Hash I:{0,1}n -> G1 Sign the hash B A σ = x . I(m) Message m

  19. Verification.. B has m, σ B Verify <P, σ> = <xP, I(m)> If they are same both must be equal <P,I(m)>x

  20. Combined Cryptosystem • What is so special? • Dual receiver encryption facilitates escrow of the decryption capability & non escrow of the signature capability using the same key!! • The security of either of the schemes is not compromised

  21. Overview • Dual Receiver Cryptosystem – Concept • Interesting Applications • Combined Cryptosystem • Useful Security Puzzles

  22. Useful Security Puzzles • Application Areas • When Server wants to rate-limit the clients (against DOS attacks) • Lighten the server’s computational burden • Example : File Server

  23. File Server (Security Puzzle) Server File Eke,Ka(Ks) Ks Abcde …… [ ] ¤¥§~¶ ……. (C1,C2) Client STORING FILE

  24. File Server … (Request File) [ ] ¤¥§~¶ ……. Decryption.. Computation intensive (C1,C2) Dual Receiver Encrytpion G, F are hashes XOR and hash Random p C1 = Eke,Ka(p) u1 = Ks+ G(p) u2 = F(p,Ks,C1,u1) C2 = [u1,u2] Client C1, Pa Compute DPa,Ke(C1) TD1 G(TD1)+u1 = m Check u2=F(p,m,c,u1)

  25. Thank you 

More Related